CVE-2021-0271: Junos OS: EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series: Receipt of a crafted ARP packet by an adjacent attacker will cause the sfid process to core.
First published: Wed Apr 14 2021(Updated: )
A Double Free vulnerability in the software forwarding interface daemon (sfid) process of Juniper Networks Junos OS allows an adjacently-connected attacker to cause a Denial of Service (DoS) by sending a crafted ARP packet to the device. Continued receipt and processing of the crafted ARP packets will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS on EX2200-C Series, EX3200 Series, EX3300 Series, EX4200 Series, EX4500 Series, EX4550 Series, EX6210 Series, EX8208 Series, EX8216 Series. 12.3 versions prior to 12.3R12-S17; 15.1 versions prior to 15.1R7-S8. This issue only affects the listed Marvell-chipset based EX Series devices. No other products or platforms are affected.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =12.3 | |
| Juniper JUNOS | =12.3-r1 | |
| Juniper JUNOS | =12.3-r10 | |
| Juniper JUNOS | =12.3-r10-s1 | |
| Juniper JUNOS | =12.3-r10-s2 | |
| Juniper JUNOS | =12.3-r11 | |
| Juniper JUNOS | =12.3-r12 | |
| Juniper JUNOS | =12.3-r12-s1 | |
| Juniper JUNOS | =12.3-r12-s10 | |
| Juniper JUNOS | =12.3-r12-s11 | |
| Juniper JUNOS | =12.3-r12-s12 | |
| Juniper JUNOS | =12.3-r12-s13 | |
| Juniper JUNOS | =12.3-r12-s14 | |
| Juniper JUNOS | =12.3-r12-s15 | |
| Juniper JUNOS | =12.3-r12-s16 | |
| Juniper JUNOS | =12.3-r12-s3 | |
| Juniper JUNOS | =12.3-r12-s4 | |
| Juniper JUNOS | =12.3-r12-s6 | |
| Juniper JUNOS | =12.3-r12-s8 | |
| Juniper JUNOS | =15.1 | |
| Juniper JUNOS | =15.1-a1 | |
| Juniper JUNOS | =15.1-f | |
| Juniper JUNOS | =15.1-f1 | |
| Juniper JUNOS | =15.1-f2 | |
| Juniper JUNOS | =15.1-f2-s1 | |
| Juniper JUNOS | =15.1-f2-s2 | |
| Juniper JUNOS | =15.1-f2-s3 | |
| Juniper JUNOS | =15.1-f2-s4 | |
| Juniper JUNOS | =15.1-f3 | |
| Juniper JUNOS | =15.1-f4 | |
| Juniper JUNOS | =15.1-f5 | |
| Juniper JUNOS | =15.1-f5-s7 | |
| Juniper JUNOS | =15.1-f6 | |
| Juniper JUNOS | =15.1-f6-s1 | |
| Juniper JUNOS | =15.1-f6-s10 | |
| Juniper JUNOS | =15.1-f6-s12 | |
| Juniper JUNOS | =15.1-f6-s2 | |
| Juniper JUNOS | =15.1-f6-s3 | |
| Juniper JUNOS | =15.1-f6-s4 | |
| Juniper JUNOS | =15.1-f6-s5 | |
| Juniper JUNOS | =15.1-f6-s6 | |
| Juniper JUNOS | =15.1-f6-s7 | |
| Juniper JUNOS | =15.1-f6-s8 | |
| Juniper JUNOS | =15.1-f6-s9 | |
| Juniper JUNOS | =15.1-f7 | |
| Juniper JUNOS | =15.1-r | |
| Juniper JUNOS | =15.1-r1 | |
| Juniper JUNOS | =15.1-r2 | |
| Juniper JUNOS | =15.1-r3 | |
| Juniper JUNOS | =15.1-r4 | |
| Juniper JUNOS | =15.1-r4-s7 | |
| Juniper JUNOS | =15.1-r4-s8 | |
| Juniper JUNOS | =15.1-r4-s9 | |
| Juniper JUNOS | =15.1-r5 | |
| Juniper JUNOS | =15.1-r5-s1 | |
| Juniper JUNOS | =15.1-r5-s3 | |
| Juniper JUNOS | =15.1-r5-s5 | |
| Juniper JUNOS | =15.1-r5-s6 | |
| Juniper JUNOS | =15.1-r6 | |
| Juniper JUNOS | =15.1-r6-s1 | |
| Juniper JUNOS | =15.1-r6-s2 | |
| Juniper JUNOS | =15.1-r6-s3 | |
| Juniper JUNOS | =15.1-r6-s4 | |
| Juniper JUNOS | =15.1-r6-s6 | |
| Juniper JUNOS | =15.1-r7 | |
| Juniper JUNOS | =15.1-r7-s1 | |
| Juniper JUNOS | =15.1-r7-s2 | |
| Juniper JUNOS | =15.1-r7-s3 | |
| Juniper JUNOS | =15.1-r7-s4 | |
| Juniper JUNOS | =15.1-r7-s5 | |
| Juniper JUNOS | =15.1-r7-s6 | |
| Juniper JUNOS | =15.1-r7-s7 | |
| Juniper Ex2200-c | ||
| Juniper Ex3200 | ||
| Juniper Ex3300 | ||
| Juniper Ex4200 | ||
| Juniper Ex4500 | ||
| Juniper Ex4550 | ||
| Juniper Ex6210 | ||
| Juniper Ex8208 | ||
| Juniper Ex8216 |
Remedy
The following software releases have been updated to resolve this specific issue: Junos OS: 12.3R12-S17, 15.1R7-S8, and all subsequent releases.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2021-0271?
CVE-2021-0271 is classified with a high severity level, as it can lead to a Denial of Service (DoS).
How do I fix CVE-2021-0271?
To fix CVE-2021-0271, you should upgrade the affected Junos software to a patched version provided by Juniper Networks.
Which versions of Junos OS are affected by CVE-2021-0271?
CVE-2021-0271 affects several versions of Junos OS, including 12.3 and 15.1.
What impact does CVE-2021-0271 have on devices?
CVE-2021-0271 allows an adjacent attacker to send a crafted ARP packet that can cause a Denial of Service (DoS) on affected devices.
Is there a workaround for CVE-2021-0271?
Currently, the best protection against CVE-2021-0271 is to apply the security updates provided by Juniper Networks as there are no known workarounds.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/tags
- agent/source
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/12.3
- version/juniper junos/12.3-r1
- version/juniper junos/12.3-r10
- version/juniper junos/12.3-r10-s1
- version/juniper junos/12.3-r10-s2
- version/juniper junos/12.3-r11
- version/juniper junos/12.3-r12
- version/juniper junos/12.3-r12-s1
- version/juniper junos/12.3-r12-s10
- version/juniper junos/12.3-r12-s11
- version/juniper junos/12.3-r12-s12
- version/juniper junos/12.3-r12-s13
- version/juniper junos/12.3-r12-s14
- version/juniper junos/12.3-r12-s15
- version/juniper junos/12.3-r12-s16
- version/juniper junos/12.3-r12-s3
- version/juniper junos/12.3-r12-s4
- version/juniper junos/12.3-r12-s6
- version/juniper junos/12.3-r12-s8
- version/juniper junos/15.1
- version/juniper junos/15.1-a1
- version/juniper junos/15.1-f
- version/juniper junos/15.1-f1
- version/juniper junos/15.1-f2
- version/juniper junos/15.1-f2-s1
- version/juniper junos/15.1-f2-s2
- version/juniper junos/15.1-f2-s3
- version/juniper junos/15.1-f2-s4
- version/juniper junos/15.1-f3
- version/juniper junos/15.1-f4
- version/juniper junos/15.1-f5
- version/juniper junos/15.1-f5-s7
- version/juniper junos/15.1-f6
- version/juniper junos/15.1-f6-s1
- version/juniper junos/15.1-f6-s10
- version/juniper junos/15.1-f6-s12
- version/juniper junos/15.1-f6-s2
- version/juniper junos/15.1-f6-s3
- version/juniper junos/15.1-f6-s4
- version/juniper junos/15.1-f6-s5
- version/juniper junos/15.1-f6-s6
- version/juniper junos/15.1-f6-s7
- version/juniper junos/15.1-f6-s8
- version/juniper junos/15.1-f6-s9
- version/juniper junos/15.1-f7
- version/juniper junos/15.1-r
- version/juniper junos/15.1-r1
- version/juniper junos/15.1-r2
- version/juniper junos/15.1-r3
- version/juniper junos/15.1-r4
- version/juniper junos/15.1-r4-s7
- version/juniper junos/15.1-r4-s8
- version/juniper junos/15.1-r4-s9
- version/juniper junos/15.1-r5
- version/juniper junos/15.1-r5-s1
- version/juniper junos/15.1-r5-s3
- version/juniper junos/15.1-r5-s5
- version/juniper junos/15.1-r5-s6
- version/juniper junos/15.1-r6
- version/juniper junos/15.1-r6-s1
- version/juniper junos/15.1-r6-s2
- version/juniper junos/15.1-r6-s3
- version/juniper junos/15.1-r6-s4
- version/juniper junos/15.1-r6-s6
- version/juniper junos/15.1-r7
- version/juniper junos/15.1-r7-s1
- version/juniper junos/15.1-r7-s2
- version/juniper junos/15.1-r7-s3
- version/juniper junos/15.1-r7-s4
- version/juniper junos/15.1-r7-s5
- version/juniper junos/15.1-r7-s6
- version/juniper junos/15.1-r7-s7
- canonical/juniper ex2200-c
- canonical/juniper ex3200
- canonical/juniper ex3300
- canonical/juniper ex4200
- canonical/juniper ex4500
- canonical/juniper ex4550
- canonical/juniper ex6210
- canonical/juniper ex8208
- canonical/juniper ex8216